The SF_REQ_ADD_HEADERS_ON_DENIAL form of the ServerSupportFunction callback function allows your Web filter to add specified headers to the server error response, in the event that the HTTP request is denied because authentication failed. This allows an authentication filter to advertise its services without filtering every request.

Note  This support function will not work properly if called during or after the processing of SF_NOTIFY_SEND_RESPONSE or SF_NOTIFY_ACCESS_DENIED notifications.


BOOL WINAPI * ServerSupportFunction(
  __in  struct _HTTP_FILTER_CONTEXT* pfc,
  __in  enum SF_REQ_TYPE sfReq,
  __in  PVOID pData,
		DWORD ul1,
		DWORD ul2



Pointer to the HTTP_FILTER_CONTEXT data structure that is associated with the current, active HTTP session. Pass the filter context in this parameter.


Specifies the particular support function that is to be executed by the Forefront TMG Web filter, in this case, SF_REQ_ADD_HEADERS_ON_DENIAL.


Pointer to a null-terminated string that specifies one or more HTTP header lines. Each header should be terminated with a carriage return and line feed.


Unused in this support function.


Unused in this support function.

Return Value

This callback function returns TRUE if the call is successful; otherwise, it returns FALSE. To obtain extended error information, call GetLastError.


Generally, the HTTP headers should be Proxy-Authenticate headers (forward proxy) or WWW-Authenticate headers (reverse proxy) that specify custom authentication schemes. However, no restriction is placed on which headers can be specified.

The headers are added only for a 401 response in a reverse proxy scenario or a 407 response in a forward proxy scenario.

For more information about the types of event notifications that are sent to Web filters, see Event Notifications.


Server Requires Windows Server 2008.
Version Requires Forefront Threat Management Gateway (TMG).

Declared in Wpxhttpfilt.h.


Requires W3Filter.dll.

See Also


Send comments about this topic to Microsoft

Build date: 11/30/2009

© 2008 Microsoft Corporation. All rights reserved.

[an error occurred while processing this directive]